003003c52ab7997a0f2b7a05a5338ff9

Sharing

Copy URL Twitter E-mail

General

Target

003003c52ab7997a0f2b7a05a5338ff9
Size

604KB
MD5

003003c52ab7997a0f2b7a05a5338ff9
SHA1

8795e5ca8813fd546862aade484ce2c822d553ab
SHA256

81e2fdb54b19430b6c688cea0542582b539d36d7b6ef873224d7b3df4028de84
SHA512

dc5beb7f24abfb0d40d378e8b8cb30a79af1fbe5bc9def0541e3b198a2a5d9daa33a2e3b1b8a255e078bed66dbcc389730533b56093f92215f3ae892e98067b2
SSDEEP

12288:fqNNdrZwiYRcrTvggdJlKQGSibefeNqRBCZ2CZrosPxXEuLR1BZJPvc:Wvg+lUeGk30ysPxpLR1HJnc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
003003c52ab7997a0f2b7a05a5338ff9

Files

003003c52ab7997a0f2b7a05a5338ff9
.exe windows:4 windows x86 arch:x86

d436cfb553e2ed4e11c369fd96eb62de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoW
GopherGetLocatorTypeA

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_LoadImage
ImageList_Draw
CreateStatusWindowW
ImageList_GetDragImage
DrawInsert
ImageList_GetImageRect
DrawStatusTextA
ImageList_Create
_TrackMouseEvent
CreateStatusWindow
ImageList_GetImageCount
ImageList_GetBkColor
ImageList_SetFilter
ImageList_DragEnter
ImageList_DragMove
ImageList_DrawEx
ImageList_BeginDrag
InitCommonControlsEx
ImageList_LoadImageW
ImageList_SetImageCount
ImageList_GetIconSize
DrawStatusTextW

comdlg32

ChooseColorW
FindTextW
ReplaceTextA

kernel32

LCMapStringA
GetProfileIntA
OutputDebugStringA
FindAtomA
TlsAlloc
GetDriveTypeW
GetSystemTimeAsFileTime
SetConsoleTextAttribute
DeleteCriticalSection
IsBadWritePtr
EnterCriticalSection
QueryPerformanceCounter
GetComputerNameA
GetVersionExA
ReadConsoleOutputAttribute
FreeEnvironmentStringsW
FindClose
RtlUnwind
GetTimeFormatW
GetEnvironmentStringsW
CreateFileW
GetModuleFileNameA
HeapAlloc
GetTimeZoneInformation
FileTimeToLocalFileTime
LoadLibraryExA
GetPrivateProfileSectionA
LocalFree
VirtualLock
ContinueDebugEvent
EnumDateFormatsA
GetTimeFormatA
AddAtomW
InterlockedExchangeAdd
GetTickCount
EnumCalendarInfoExW
GetThreadContext
FillConsoleOutputAttribute
CloseHandle
TlsFree
GetDateFormatA
GetVolumeInformationA
CreateFileMappingW
GetCurrentThread
InterlockedExchange
HeapDestroy
GetSystemDirectoryA
HeapCreate
IsBadReadPtr
FreeEnvironmentStringsA
InitializeCriticalSection
WriteFile
HeapFree
VirtualAlloc
SetLastError
LockFile
OpenWaitableTimerW
GetProcAddress
GetFileType
IsValidCodePage
VirtualQuery
GetCurrentThreadId
DosDateTimeToFileTime
LeaveCriticalSection
ResumeThread
SetEnvironmentVariableA
SetConsoleCursorInfo
IsValidLocale
OpenFileMappingW
WriteProfileStringA
GetCommandLineA
FindNextFileW
LoadLibraryA
GetProcessAffinityMask
FlushFileBuffers
GetConsoleOutputCP
GetStringTypeW
TlsGetValue
GetCPInfo
LCMapStringW
GetSystemInfo
WriteFileEx
FindFirstFileA
WaitForSingleObject
CreateMutexA
InterlockedDecrement
SetConsoleCtrlHandler
VirtualProtect
GetCurrentProcessId
GlobalReAlloc
GetModuleHandleA
ExitProcess
GetStartupInfoA
GetUserDefaultLCID
FindAtomW
MultiByteToWideChar
GetStdHandle
CompareStringA
WaitForMultipleObjects
AllocConsole
GetLocaleInfoW
UnhandledExceptionFilter
DebugBreak
GetEnvironmentStrings
SetLocalTime
GetACP
GetModuleHandleW
CreateEventA
CreateMailslotA
WriteConsoleOutputA
WideCharToMultiByte
ExpandEnvironmentStringsW
lstrlenW
VirtualFree
GetOEMCP
TerminateProcess
EnumSystemLocalesA
GetDriveTypeA
SetStdHandle
EnumCalendarInfoExA
CreateFileA
GetCurrentProcess
HeapReAlloc
DuplicateHandle
EnumResourceLanguagesW
LocalLock
GetLastError
InterlockedIncrement
CommConfigDialogW
InitializeCriticalSectionAndSpinCount
CompareStringW
GetShortPathNameW
HeapValidate
GetProcessHeap
OpenMutexA
FlushConsoleInputBuffer
FileTimeToDosDateTime
ReadFile
TlsSetValue
SystemTimeToFileTime
GetNamedPipeInfo
FormatMessageA
CopyFileExA
SetHandleCount
GetLocaleInfoA
GetStringTypeA
lstrcpyA
LockFileEx
UnmapViewOfFile
DebugActiveProcess
SetFilePointer
GetPrivateProfileSectionW
WaitNamedPipeW
SetConsoleMode

user32

GetClassInfoExW
DdeGetData
RealGetWindowClass
ReplyMessage
GetCapture
wsprintfW
GetCaretPos
GetUserObjectInformationW
SetProcessDefaultLayout
ShowOwnedPopups
IsCharAlphaA
CloseDesktop
RegisterClassExA
DdeFreeDataHandle
SystemParametersInfoW
DrawCaption
EnumWindowStationsA
CharPrevW
LoadStringA
DrawTextA
GetOpenClipboardWindow
UnionRect
SendMessageTimeoutA
WinHelpW
CheckDlgButton
DdeInitializeA
GetCaretBlinkTime
wvsprintfA
GetClassInfoA
PostQuitMessage
GetWindowPlacement
GetClassInfoW
CharToOemA
GetProcessDefaultLayout
EnumChildWindows
IsIconic
DdeAbandonTransaction
MoveWindow
OpenDesktopA
SetWindowsHookA
IsRectEmpty
IsCharLowerA
CloseClipboard
GetWindowModuleFileNameW
HideCaret
PeekMessageW
DrawFocusRect
DestroyAcceleratorTable
wvsprintfW
InSendMessageEx
GetFocus
DdeUnaccessData
DdeAccessData
InvalidateRect
GetUpdateRgn
DrawStateA
LoadMenuA
EditWndProc
SetMenuItemInfoA
ToAsciiEx
RemovePropW
OpenClipboard
DefFrameProcW
SetWindowsHookExA
CallMsgFilterW
GetForegroundWindow
CloseWindow
GetTabbedTextExtentW
CallWindowProcA
CreateWindowExA
MessageBoxA
ShowWindow
GetMenuItemID
SendDlgItemMessageW
GetWindowDC
MonitorFromRect
GetWindowTextLengthW
DestroyWindow
RegisterDeviceNotificationA
SetPropA
DefWindowProcA
ChangeClipboardChain
DlgDirListA
EnableWindow
TabbedTextOutA
ChangeDisplaySettingsW
UnhookWindowsHook
SetUserObjectSecurity
VkKeyScanExW
AdjustWindowRectEx
SetMenu
SetCaretBlinkTime
CreateIconFromResource
RegisterClassA
InsertMenuItemA
GetKeyNameTextA
IsDialogMessage
GetClipboardSequenceNumber
TrackPopupMenuEx
DdeConnectList

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d436cfb553e2ed4e11c369fd96eb62de

Headers

File Characteristics

Imports

wininet

comctl32

comdlg32

kernel32

user32

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 135KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 135KB

.rsrc
Size: 20KB - Virtual size: 16KB